bokanrb - Security Researcher - Exploit Intelligence Platform

CVE-2021-27403 NOMISEC MEDIUM WORKING POC

Askey RTF8115VW - XSS

Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 devices allow cgi-bin/te_acceso_router.cgi curWebPage XSS.

13 stars

CVSS 6.1

View Code

CVE-2021-27404 NOMISEC MEDIUM WRITEUP

Askey RTF8115VW - Code Injection

Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 devices allow injection of a Host HTTP header.

3 stars

CVSS 6.1

View Code

CVE-2018-6961 NOMISEC HIGH WORKING POC

Vmware Nsx Sd-wan BY Velocloud < 3.1.0 - OS Command Injection

VMware NSX SD-WAN Edge by VeloCloud prior to version 3.1.0 contains a command injection vulnerability in the local web UI component. This component is disabled by default and should not be enabled on untrusted networks. VeloCloud by VMware will be removing this service from the product in future releases. Successful exploitation of this issue could result in remote code execution.

1 stars

CVSS 8.1

View Code